Hackshield bypass Mask(0x2) error

[pongdong1]

Hey people, Pongdong1 here. But call me "High".
I use a .dll injection to bypass hackshield but i have a little problem.
It works fine but after some time (under 30mins max) i get this error.



I have tested a variety of source codes i found using google for other games that bypass Hackshield but all of them end up with the same result.

Here is the source code:

 Spoiler

DWORD BeginJMPBack;
void __cdecl SingleStepDetectionEHS ()
{
__asm cmp eax,0x10501
__asm jmp detectiondone1
__asm cmp esi,0x10705
__asm jmp detectiondone2
__asm cmp ecx,0x10703
__asm jmp detectiondone2
detectiondone1:
__asm mov eax,0
detectiondone2:
__asm mov esi,0
detectiondone3:
__asm mov ecx,0
__asm jmp dword ptr [BeginJMPBack];
}


int __stdcall DetouringHackShield ( DWORD Detail , DWORD CrcCheck )
{
DWORD dwEhSvc = 0;
do{
dwEhSvc = (DWORD)GetModuleHandle("EhSvc.dll");
Sleep(1000);
} while(!dwEhSvc)


BeginJMPBack(dwEhSvc+0x71936);
DetourCreate((PBYTE)(dwEhSvc+0x71691),(LPBYTE)Sing leStepDetectionEHS,5);

__asm
{
push eax
push edx
mov eax,CrcCheck
mov edx,[eax+0xC]
mov Details,edx
pop edx
pop eax
}

if ( CrcCheck == 0x12 && Detail == 0x0A )
{
MemWrite((void*)dwEhSvc+0x09F10)(void*)"\xC2\x04\x 00",3);
}


return (1);
}

Usage :
DetouringHackShield ( 0x12, 0x0A );

If somebody could locate the problem and post it here for a fix then people might actually get a working bypass to use.

EDIT: This is still usable if you compile it into a .dll but it wont last longer than 30mins, in some cases it only lasts 10 mins.

[Domino™]

You forgot to handle psapi.dll or v3pro32s.dll.

You have to detour more than that. Good job so far.

psapi.dll has EnumDeviceDrivers at a certain address.
v3pro32s.dll has AhnCheckBootSector at a certain address.
Handling EhSvc.dll by itself doesn't work. There is new checks within the game client keep alive thus you can't bypass callback like before. o:

[pongdong1]

Quote:

You forgot to handle psapi.dll or v3pro32s.dll.

You have to detour more than that. Good job so far.

psapi.dll has EnumDeviceDrivers at a certain address.
v3pro32s.dll has AhnCheckBootSector at a certain address.
Handling EhSvc.dll by itself doesn't work since there is new checks within the game client keep alive.

So much effort x3 but thanks a bunch!

[Forbidi]

Normal, only copypasta, address are not up to date.

[Domino™]

Even then, it won't work. Thanks captain obvious.

[pongdong1]

Quote:

Normal, only copypasta, address are not up to date.

I said i got it from google, or was that not clear enough? sorry if you didn't understand but what i was planning to do was edit a outdated hackshield bypass .dll for the current s4league. I just needed to know what the problem was.

[naim-nems]

Can you release your bypass?

[mascali1998]

ma come mai mi crash dp 2 minuti. da quando anno fatto aggiornamento mi crash perche.

[pongdong1]

Quote:

Originally Posted by mascali1998

ma come mai mi crash dp 2 minuti. da quando anno fatto aggiornamento mi crash perche.

Windows 7 a 64 bit o qualcosa. si differenzia tra il software del computer.

[Domino™]

Why is it doing a CRC check? It will work just fine if it routines to the correct value. The source code is bad.

[aliffar123]

can tell me how to bypass s4 league?

[ProofPros1]

Gibt immo keine Möglichkeit